From f4827dc54b73c55f34bfd77198ad0f5320cbe291 Mon Sep 17 00:00:00 2001 From: Schramm Dominik Date: Wed, 22 Apr 2026 15:45:09 +0200 Subject: [PATCH] ci: add gitea image publishing workflows --- .gitea/workflows/build-push.yaml | 130 +++++++++++++++++++++++++++ .gitea/workflows/build-snapshot.yaml | 111 +++++++++++++++++++++++ Dockerfile | 10 ++- VERSION | 1 + build.gradle.kts | 13 ++- deploy/k8s/deployment.yaml | 2 +- 6 files changed, 262 insertions(+), 5 deletions(-) create mode 100644 .gitea/workflows/build-push.yaml create mode 100644 .gitea/workflows/build-snapshot.yaml create mode 100644 VERSION diff --git a/.gitea/workflows/build-push.yaml b/.gitea/workflows/build-push.yaml new file mode 100644 index 0000000..1abac03 --- /dev/null +++ b/.gitea/workflows/build-push.yaml @@ -0,0 +1,130 @@ +name: Release Docker Image Build + +on: + push: + branches: + - master + paths: + - 'VERSION' + workflow_dispatch: + +jobs: + verify-and-package: + if: github.repository != 'templates/mono-app-with-db' + runs-on: java-node-24 + env: + GRADLE_USER_HOME: /opt/hostedtoolcache/gradle/${{ github.repository }} + + steps: + - name: 1. Checkout repository + uses: actions/checkout@v4 + + - name: 2. Prepare Gradle cache and Docker access + run: | + sudo install -d -m 0755 -o "$(id -u)" -g "$(id -g)" "$GRADLE_USER_HOME" + sudo chgrp "$(id -g)" /var/run/docker.sock + sudo chmod g+rw /var/run/docker.sock + + - name: 3. Verify and stage with Gradle + run: | + ./gradlew --no-daemon --console=plain check stageFatJar + + - name: 4. Upload test reports + if: always() + id: upload-test-reports + uses: christopherhx/gitea-upload-artifact@v4 + with: + name: test-reports + path: | + build/reports/tests/test/** + build/test-results/test/**/*.xml + if-no-files-found: warn + retention-days: 7 + + - name: 5. Output test report artifact URL + if: always() + run: | + echo "Test reports: ${{ steps.upload-test-reports.outputs.artifact-url }}" + + - name: 6. Upload staged fat jar + uses: christopherhx/gitea-upload-artifact@v4 + with: + name: application-fat-jar + path: build/ci/server.jar + retention-days: 1 + compression-level: 0 + + build-and-publish: + if: github.repository != 'templates/mono-app-with-db' + runs-on: java-node-24 + needs: verify-and-package + env: + REGISTRY: git.dslan.at + REPOSITORY: ${{ github.repository }} + + steps: + - name: 1. Checkout repository + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: 2. Download staged fat jar + uses: christopherhx/gitea-download-artifact@v4 + with: + name: application-fat-jar + path: ./build/ci + + - name: 3. Prepare Docker access + run: | + sudo chgrp "$(id -g)" /var/run/docker.sock + sudo chmod g+rw /var/run/docker.sock + + - name: 4. Set up Docker Buildx + uses: docker/setup-buildx-action@v3.11.0 + with: + driver: docker-container + driver-opts: network=host + + - name: 5. Read version and set image tags + id: meta + run: | + VERSION_TAG=$(cat VERSION) + echo "tag_version=$VERSION_TAG" >> $GITHUB_OUTPUT + + - name: 6. Log in to the Gitea Container Registry + uses: docker/login-action@v3.6.0 + with: + registry: ${{ env.REGISTRY }} + username: ${{ secrets.PR_USER }} + password: ${{ secrets.PR_PASSWORD }} + + - name: 7. Build and push the Docker image + uses: docker/build-push-action@v5 + with: + context: ./build/ci + file: ./Dockerfile + push: true + tags: | + ${{ env.REGISTRY }}/${{ env.REPOSITORY }}:${{ steps.meta.outputs.tag_version }} + ${{ env.REGISTRY }}/${{ env.REPOSITORY }}:latest + cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.REPOSITORY }}:buildcache-release + cache-to: type=registry,ref=${{ env.REGISTRY }}/${{ env.REPOSITORY }}:buildcache-release,mode=max + + - name: 8. Create and push Git tag + run: | + git config user.name "${{ secrets.PR_USER }}" + git config user.email "gitea-actions@${{ env.REGISTRY }}" + TAG_NAME="${{ steps.meta.outputs.tag_version }}" + git fetch --tags + if git rev-parse "$TAG_NAME" >/dev/null 2>&1; then + echo "Tag $TAG_NAME already exists, skipping." + exit 0 + fi + git tag $TAG_NAME + git push https://${{ secrets.PR_USER }}:${{ secrets.PR_PASSWORD }}@${{ env.REGISTRY }}/${{ env.REPOSITORY }}.git $TAG_NAME + + - name: 9. Output image names + run: | + echo "Successfully pushed:" + echo "${{ env.REGISTRY }}/${{ env.REPOSITORY }}:${{ steps.meta.outputs.tag_version }}" + echo "${{ env.REGISTRY }}/${{ env.REPOSITORY }}:latest" diff --git a/.gitea/workflows/build-snapshot.yaml b/.gitea/workflows/build-snapshot.yaml new file mode 100644 index 0000000..4c4eb91 --- /dev/null +++ b/.gitea/workflows/build-snapshot.yaml @@ -0,0 +1,111 @@ +name: Snapshot Docker Image Build + +on: + push: + branches: + - master + +jobs: + verify-and-package: + if: github.repository != 'templates/mono-app-with-db' + runs-on: java-node-24 + env: + GRADLE_USER_HOME: /opt/hostedtoolcache/gradle/${{ github.repository }} + + steps: + - name: 1. Checkout repository + uses: actions/checkout@v4 + + - name: 2. Prepare Gradle cache and Docker access + run: | + sudo install -d -m 0755 -o "$(id -u)" -g "$(id -g)" "$GRADLE_USER_HOME" + sudo chgrp "$(id -g)" /var/run/docker.sock + sudo chmod g+rw /var/run/docker.sock + + - name: 3. Verify and stage with Gradle + run: | + ./gradlew --no-daemon --console=plain check stageFatJar + + - name: 4. Upload test reports + if: always() + id: upload-test-reports + uses: christopherhx/gitea-upload-artifact@v4 + with: + name: test-reports + path: | + build/reports/tests/test/** + build/test-results/test/**/*.xml + if-no-files-found: warn + retention-days: 7 + + - name: 5. Output test report artifact URL + if: always() + run: | + echo "Test reports: ${{ steps.upload-test-reports.outputs.artifact-url }}" + + - name: 6. Upload staged fat jar + uses: christopherhx/gitea-upload-artifact@v4 + with: + name: application-fat-jar + path: build/ci/server.jar + retention-days: 1 + compression-level: 0 + + build-and-publish-snapshot: + if: github.repository != 'templates/mono-app-with-db' + runs-on: java-node-24 + needs: verify-and-package + env: + REGISTRY: git.dslan.at + REPOSITORY: ${{ github.repository }} + + steps: + - name: 1. Checkout repository + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: 2. Download staged fat jar + uses: christopherhx/gitea-download-artifact@v4 + with: + name: application-fat-jar + path: ./build/ci + + - name: 3. Prepare Docker access + run: | + sudo chgrp "$(id -g)" /var/run/docker.sock + sudo chmod g+rw /var/run/docker.sock + + - name: 4. Set up Docker Buildx + uses: docker/setup-buildx-action@v3.11.0 + with: + driver: docker-container + driver-opts: network=host + + - name: 5. Read version and set snapshot tag + id: meta + run: | + VERSION_BASE=$(cat VERSION) + LAST_CHANGED=$(git log -1 --format=%H VERSION) + COUNT=$(git rev-list ${LAST_CHANGED}..HEAD --count) + SNAPSHOT_TAG="${VERSION_BASE}-SNAPSHOT-$((COUNT + 1))" + echo "tag_version=$SNAPSHOT_TAG" >> $GITHUB_OUTPUT + + - name: 6. Log in to the Gitea Container Registry + uses: docker/login-action@v3.6.0 + with: + registry: ${{ env.REGISTRY }} + username: ${{ secrets.PR_USER }} + password: ${{ secrets.PR_PASSWORD }} + + - name: 7. Build and push the Docker image + uses: docker/build-push-action@v5 + with: + context: ./build/ci + file: ./Dockerfile + push: true + tags: | + ${{ env.REGISTRY }}/${{ env.REPOSITORY }}:${{ steps.meta.outputs.tag_version }} + ${{ env.REGISTRY }}/${{ env.REPOSITORY }}:snapshot-latest + cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.REPOSITORY }}:buildcache-snapshot + cache-to: type=registry,ref=${{ env.REGISTRY }}/${{ env.REPOSITORY }}:buildcache-snapshot,mode=max diff --git a/Dockerfile b/Dockerfile index f59595c..6970f19 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,8 +1,12 @@ -FROM eclipse-temurin:21-jre +FROM eclipse-temurin:24-jre-noble WORKDIR /app -COPY build/libs/*.jar app.jar +RUN useradd -m -s /bin/bash codenames + +COPY --chown=codenames:codenames server.jar /app/server.jar + +USER codenames EXPOSE 8080 -ENTRYPOINT ["java", "-jar", "/app/app.jar"] +ENTRYPOINT ["java", "-jar", "/app/server.jar"] diff --git a/VERSION b/VERSION new file mode 100644 index 0000000..6e8bf73 --- /dev/null +++ b/VERSION @@ -0,0 +1 @@ +0.1.0 diff --git a/build.gradle.kts b/build.gradle.kts index 74b6640..2e5a948 100644 --- a/build.gradle.kts +++ b/build.gradle.kts @@ -14,7 +14,7 @@ plugins { apply(plugin = "org.springframework.boot") group = "at.dslan" -version = "0.1.0" +version = file("VERSION").readText().trim() java { toolchain { @@ -40,3 +40,14 @@ dependencies { tasks.withType { useJUnitPlatform() } + +tasks.register("stageFatJar") { + group = "build" + description = "Copies the boot jar to a stable location for CI image assembly." + dependsOn("bootJar") + from(layout.buildDirectory.dir("libs")) { + include("*.jar") + } + into(layout.buildDirectory.dir("ci")) + rename { "server.jar" } +} diff --git a/deploy/k8s/deployment.yaml b/deploy/k8s/deployment.yaml index 76afd48..3ee7809 100644 --- a/deploy/k8s/deployment.yaml +++ b/deploy/k8s/deployment.yaml @@ -18,7 +18,7 @@ spec: - name: codenames-registry containers: - name: codenames - image: git.dslan.at/zeugs/codenames:master + image: git.dslan.at/zeugs/codenames:snapshot-latest imagePullPolicy: Always ports: - containerPort: 8080